View in browser | Unsubscribe

Disaster recovery plans are essential to business continuity, but these plans will lose value if they are not tested on a regular basis. Frequent testing leads to peace of mind. You can't wait until disaster strikes to find out if your plan will work. Testing is essential for disaster recovery success, and, a proactive test plan will reap benefits to the organization. Read this week's articles for more on the importance of testing your business continuity/disaster recovery plans.

When your plan is complete, the work has only just begun. (Item #1)   Effective plan testing is the topic of this article on best practices. (Item #2)   What flaws could your test have missed? (Item #3)  

Internal communication is a critical part of every plan and should be tested as well. (Item #4)   Healthcare organizations have special concerns when testing plans. (Item #5)   San Diego County's Health and Human Services Agency had a real event during which to test their plan. (Item #6)  

As always, we look forward to hearing about your concerns with regards to business continuity. If you have a topic you'd like to see covered, please email me at [email protected]

Best Regards,

Bob Mellinger
President
Attainium Corp

Quote of the Week

"Your recovery response will only be as successful as your most recent recovery test."
- Bob DiLossi, Director, Crisis Management, SunGard Availability Services -

Articles

1. Exercising: the secret to successful business continuity plans
After you have completed all the necessary activities associated with a developing business continuity plan, you may think you're finished. In reality business continuity plans are useless until you exercise them. Fortunately, many types of exercises are possible, ranging from simple to very complex. The key is to incorporate exercising as part of the overall business continuity management process.
http://www.continuitycentral.com/feature0696.html

2. Business Continuity Plan Testing: Considerations and Best Practices
Organizations face the daunting task of validating the plans created by their organizations and training their recovery personnel to use the plans created since 9/11. New business continuity management (BCM) coordinators are looking for guidance regarding the best and most cost-effective process to validate plan content. This article from ISACA captures thoughts, observations and industry best practices regarding plan testing.
http://www.isaca.org/Template.cfm?Section=Publications1&CONTENTID=7888&TEMPLATE=/ContentManagement/ContentDisplay.cfm

3. Five critical recovery flaws your last DR test might have missed
Businesses today are spending millions of dollars to develop and maintain disaster recovery infrastructures that will ensure business continuity. But despite such huge investments of time and resources, most IT professionals are still not completely confident in their ability to recover in an emergency. With industry analysts citing disaster recovery failure rates of at least 60 percent, there's good reason to be concerned.
http://www.continuitycentral.com/feature0645.html

4. Communicating Internally
Whether your company has 20 employees or 200,000, preparing for effective employee communication during a disaster situation should be a top priority. Every company has its own ways of communicating internally, and disaster communications plans vary greatly. Once the internal communications plan has been created, you should test it to make sure it works well.
http://www.respondtodisaster.org/sites/default/files/Communicating%20Internally.pdf

5. Health IT Disaster Recovery Testing Tips
Nowadays, every healthcare organization needs an airtight disaster recovery plan. Not only do HIPAA and Joint Commission regulations require healthcare entities to protect the integrity and availability of data, but hospital, clinic, and health system personnel also have an increased reliance on information systems. How can you ensure your information systems will continue to work in the event of a power outage? Do you know what you would need to do to restore all your systems and processes in a short time if a serious disaster occurs? The only way to confidently answer these questions is to test your existing disaster recovery plan.
http://www.healthcaretechnologyonline.com/article.mvc/Health-IT-Disaster-Recovery-Testing-Tips-0001?VNETCOOKIE=NO

6. A high return, low impact, exercise regimen
San Diego County's Health and Human Services Agency had faced massive regional wildfires before. They had developed business continuity plans and conducted tabletop exercises, yet they had not undergone functional exercises to identify gaps or inaccurate assumptions. They were currently developing materials to train managers to conduct these exercises but were not scheduled to start the training for two more months. They wondered how staff would perform under the stress of a real event.
http://www.continuitycentral.com/feature0684.html